outsteel | 7963f8606e4c0e7502a813969a04e1266e7cd20708bef19c338e8933c1b85eda | Triage

Submit
Reports

Overview

overview

Static

static

7963f8606e...da.exe

windows7_x64

7963f8606e...da.exe

windows10-2004_x64

Sharing

General

Target

7963f8606e4c0e7502a813969a04e1266e7cd20708bef19c338e8933c1b85eda
Size

1.0MB
Sample

220228-dwbl1sdac8
MD5

61a3d983a1fde813204b8f6f13842163
SHA1

336a3a59b782b49c2253bd0afeefdb43b24f70b6
SHA256

7963f8606e4c0e7502a813969a04e1266e7cd20708bef19c338e8933c1b85eda
SHA512

a6cdbc9faae3f9d989d9c5f165dd56c3822997e463bbc924b61067fb1b1719b14ec8d60a4046ade564bdc310dd6177dfa8e84d04a0ac9226cd3f1cfdeb2adbe9

Score

10^/10

outsteel agilenet spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

7963f8606e4c0e7502a813969a04e1266e7cd20708bef19c338e8933c1b85eda.exe

Resource

win7-en-20211208

outsteel agilenet spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7963f8606e4c0e7502a813969a04e1266e7cd20708bef19c338e8933c1b85eda.exe

Resource

win10v2004-en-20220113

outsteel spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  7963f8606e4c0e7502a813969a04e1266e7cd20708bef19c338e8933c1b85eda
- Size
  
  1.0MB
- MD5
  
  61a3d983a1fde813204b8f6f13842163
- SHA1
  
  336a3a59b782b49c2253bd0afeefdb43b24f70b6
- SHA256
  
  7963f8606e4c0e7502a813969a04e1266e7cd20708bef19c338e8933c1b85eda
- SHA512
  
  a6cdbc9faae3f9d989d9c5f165dd56c3822997e463bbc924b61067fb1b1719b14ec8d60a4046ade564bdc310dd6177dfa8e84d04a0ac9226cd3f1cfdeb2adbe9
Score

10^/10

outsteel agilenet spyware stealer
- OutSteel
  OutSteel is a file uploader and document stealer written in AutoIT.
  stealer outsteel
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

outsteelagilenetspywarestealer

behavioral2

outsteelspywarestealer

© 2018-2024

Terms | Privacy